From 4b29246c3c5738db2a3fdb7da0b59b63f117962f Mon Sep 17 00:00:00 2001
From: Mateusz Grotek
Date: Fri, 25 Oct 2024 10:05:51 +0100
Subject: [PATCH] Enable form data UTF-8 sanitisation

See:
* https://github.com/whitequark/rack-utf8_sanitizer/blob/b069c9ef6d69e58695ec9a7cad68c41b57812468/lib/rack/utf8_sanitizer.rb#L21
* https://github.com/whitequark/rack-utf8_sanitizer/blob/b069c9ef6d69e58695ec9a7cad68c41b57812468/lib/rack/utf8_sanitizer.rb#L84
* https://github.com/whitequark/rack-utf8_sanitizer/blob/b069c9ef6d69e58695ec9a7cad68c41b57812468/lib/rack/utf8_sanitizer.rb#L121
---
 config/application.rb | 1 -
 lib/sanitiser/strategy.rb | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/config/application.rb b/config/application.rb
index f13f7a67d..4a375aff0 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -135,7 +135,6 @@ class Application < Rails::Application
 config.middleware.insert_before(
 0,
 Rack::UTF8Sanitizer,
- sanitizable_content_types: [],
 only: %w[QUERY_STRING],
 strategy: Sanitiser::Strategy,
 )
diff --git a/lib/sanitiser/strategy.rb b/lib/sanitiser/strategy.rb
index fc2414343..19ecd35e0 100644
--- a/lib/sanitiser/strategy.rb
+++ b/lib/sanitiser/strategy.rb
@@ -11,7 +11,7 @@ def call(input, sanitize_null_bytes: false)
 raise NullByteInString
 end
 rescue StandardError
- raise SanitisingError, "Non-UTF-8 (or null) character in the query or in the cookie"
+ raise SanitisingError, "Non-UTF-8 (or null) character in the query, cookie or form data"
 end
 end
 end
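Review bot: Dropping `sanitizable_content_types: []` from the `insert_before` call does not restrict the change to form data: the middleware falls back to the gem's default list, which (per the first linked line, worth confirming) also appears to cover `text/plain` and JSON bodies. If only form posts are intended, say so explicitly with `sanitizable_content_types: %w[application/x-www-form-urlencoded],`. The remaining `only: %w[QUERY_STRING]` seems to filter env keys rather than the body or cookies, so a comment such as `# only: limits env keys; request bodies are governed by sanitizable_content_types` would stop the next reader assuming bodies are excluded. Because the middleware sits at index 0, a `SanitisingError` raised for a bad body surfaces outside the rest of the stack; the handler that turns it into a 400 is not visible in this diff and should be checked to cover POST requests as well as query strings.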
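Review bot: The new message in the `rescue StandardError` branch still enumerates request parts, so it becomes inaccurate as soon as the sanitised content types include anything other than form-encoded bodies, which the strategy cannot tell apart. A source-neutral wording such as `raise SanitisingError, "Non-UTF-8 (or null) character in the request"` avoids that drift. The blanket `rescue StandardError` also relabels any unrelated failure inside `call` as a sanitising error, which matters more now that whole request bodies pass through it; rescuing only the encoding errors and `NullByteInString` would keep real bugs distinguishable in logs. `call` begins above the hunk, so the exact exceptions raised there are not visible here.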